ToddAndMargo via users wrote: > Hi All, > > I encrypted a file with > gpg --symmetric foobar.txt > > It created foobar.txt.gpg file as expected > and I DID NOT tell it to store the passphrase. > > $ cat foobar.txt.gpg > clearly showed a binary file. > > When I ran > $less foobar.txt.gpg > > it showed me the recovered file without encryption > and DID NOT ask me for a passphrase. > > When I renamed the foobar.txt.gpg to foobar.txt > and ran "less" on it, now I get a binary file. > renaming it back to gpg and now it gets decrypted > again. > > HOW DID LESS figure out my key and decrypt my file?
The LESSOPEN env variable points to the lesspipe.sh script,
which is able to do things like running gpg -d for files
matching .gpg files and sending the output to less. It does
the same for tar files, so that less some.tar produces a
list of the files in some.tar. And so on for many other
file types.
> Are there are gpg keys stored somewhere" How do
> I whack (erase) them?
The gpg-agent caches passphrases, I believe the default TTL
is 2 hours. You can force that cache to be cleared if
that's the cause. I think that's:
gpg-connect-agent reloadagent /bye
but I haven't looked at the docs lately to confirm that.
--
Todd
signature.asc
Description: PGP signature
_______________________________________________ users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/[email protected] Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
